<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="keywords" content="Hexo Theme Redefine">
    
    <meta name="author" content="xiaoeryu">
    <!-- preconnect -->
    <link rel="preconnect" href="https://fonts.googleapis.com">
    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>

    
    <!--- Seo Part-->
    
    <link rel="canonical" href="https://xiaoeeyu.github.io/page/9/"/>
    <meta name="robots" content="index,follow">
    <meta name="googlebot" content="index,follow">
    <meta name="revisit-after" content="1 days">
    
    
    
        
        <meta property="og:type" content="website">
<meta property="og:title" content="xiaoeryu">
<meta property="og:url" content="https://xiaoeeyu.github.io/page/9/index.html">
<meta property="og:site_name" content="xiaoeryu">
<meta property="og:locale" content="zh_CN">
<meta property="article:author" content="xiaoeryu">
<meta name="twitter:card" content="summary">
    
    
    <!--- Icon Part-->
    <link rel="icon" type="image/png" href="/images/rabete.jpg" sizes="192x192">
    <link rel="apple-touch-icon" sizes="180x180" href="/images/rabete.jpg">
    <meta name="theme-color" content="#A31F34">
    <link rel="shortcut icon" href="/images/rabete.jpg">
    <!--- Page Info-->
    
    <title>
        
            xiaoeryu - Redefine Your Hexo Journey.
        
    </title>

    
<link rel="stylesheet" href="/fonts/Chillax/chillax.css">


    <!--- Inject Part-->
    

    
<link rel="stylesheet" href="/css/style.css">


    
        
<link rel="stylesheet" href="/css/build/tailwind.css">

    

    
<link rel="stylesheet" href="/fonts/GeistMono/geist-mono.css">

    
<link rel="stylesheet" href="/fonts/Geist/geist.css">

    <!--- Font Part-->
    
    
    
    
    
    

    <script id="hexo-configurations">
    window.config = {"hostname":"xiaoeeyu.github.io","root":"/","language":"zh-CN","path":"search.xml"};
    window.theme = {"articles":{"style":{"font_size":"16px","line_height":1.5,"image_border_radius":"14px","image_alignment":"center","image_caption":false,"link_icon":true,"delete_mask":false,"title_alignment":"left","headings_top_spacing":{"h1":"3.2rem","h2":"2.4rem","h3":"1.9rem","h4":"1.6rem","h5":"1.4rem","h6":"1.3rem"}},"word_count":{"enable":true,"count":true,"min2read":true},"author_label":{"enable":true,"auto":false,"list":[]},"code_block":{"copy":true,"style":"mac","highlight_theme":{"light":"github","dark":"vs2015"},"font":{"enable":false,"family":null,"url":null}},"toc":{"enable":true,"max_depth":4,"number":false,"expand":true,"init_open":true},"copyright":{"enable":true,"default":"cc_by_nc_sa"},"lazyload":true,"pangu_js":false,"recommendation":{"enable":false,"title":"推荐阅读","limit":3,"mobile_limit":2,"placeholder":"/images/ball-0101.jpg","skip_dirs":[]}},"colors":{"primary":"#A31F34","secondary":null,"default_mode":"light"},"global":{"fonts":{"chinese":{"enable":false,"family":null,"url":null},"english":{"enable":false,"family":null,"url":null},"title":{"enable":false,"family":null,"url":null}},"content_max_width":"1000px","sidebar_width":"210px","hover":{"shadow":true,"scale":false},"scroll_progress":{"bar":false,"percentage":true},"website_counter":{"url":"https://busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js","enable":true,"site_pv":true,"site_uv":true,"post_pv":true},"single_page":true,"preloader":{"enable":false,"custom_message":null},"open_graph":true,"google_analytics":{"enable":false,"id":null}},"home_banner":{"enable":true,"style":"fixed","image":{"light":"/images/wallhaven-jxl31y.png","dark":"/images/wallhaven-o5762l.png"},"title":"XIAOERYU","subtitle":{"text":["明心见性，拨云见日","Don't wait, to 
create"],"hitokoto":{"enable":false,"show_author":false,"api":"https://v1.hitokoto.cn"},"typing_speed":100,"backing_speed":80,"starting_delay":500,"backing_delay":1500,"loop":true,"smart_backspace":true},"text_color":{"light":"#fff","dark":"#d1d1b6"},"text_style":{"title_size":"2.8rem","subtitle_size":"1.5rem","line_height":1.2},"custom_font":{"enable":false,"family":null,"url":null},"social_links":{"enable":true,"style":"default","links":{"github":"https://github.com/xiaoeeyu","instagram":null,"zhihu":null,"twitter":null,"email":"xiaoeryu@163.com"},"qrs":{"weixin":null}}},"plugins":{"feed":{"enable":false},"aplayer":{"enable":false,"type":"fixed","audios":[{"name":null,"artist":null,"url":null,"cover":null,"lrc":null}]},"mermaid":{"enable":false,"version":"9.3.0"}},"version":"2.8.2","navbar":{"auto_hide":false,"color":{"left":"#f78736","right":"#367df7","transparency":35},"width":{"home":"1200px","pages":"1000px"},"links":{"Home":{"path":"/","icon":"fa-regular fa-house"},"Archives":{"path":"/archives","icon":"fa-regular fa-archive"}},"search":{"enable":true,"preload":true}},"page_templates":{"friends_column":2,"tags_style":"blur"},"home":{"sidebar":{"enable":true,"position":"left","first_item":"menu","announcement":null,"show_on_mobile":true,"links":null},"article_date_format":"auto","excerpt_length":200,"categories":{"enable":true,"limit":3},"tags":{"enable":true,"limit":3}},"footerStart":"2022/8/17 11:45:14"};
    window.lang_ago = {"second":"%s 秒前","minute":"%s 分钟前","hour":"%s 小时前","day":"%s 天前","week":"%s 周前","month":"%s 个月前","year":"%s 年前"};
    window.data = {"masonry":false};
  </script>
    
    <!--- Fontawesome Part-->
    
<link rel="stylesheet" href="/fontawesome/fontawesome.min.css">

    
<link rel="stylesheet" href="/fontawesome/brands.min.css">

    
<link rel="stylesheet" href="/fontawesome/solid.min.css">

    
<link rel="stylesheet" href="/fontawesome/regular.min.css">

    
    
    
    
<meta name="generator" content="Hexo 6.3.0">
<style>.github-emoji { position: relative; display: inline-block; width: 1.2em; min-height: 1.2em; overflow: hidden; vertical-align: top; color: transparent; }  .github-emoji > span { position: relative; z-index: 10; }  .github-emoji img, .github-emoji .fancybox { margin: 0 !important; padding: 0 !important; border: none !important; outline: none !important; text-decoration: none !important; user-select: none !important; cursor: auto !important; }  .github-emoji img { height: 1.2em !important; width: 1.2em !important; position: absolute !important; left: 50% !important; top: 50% !important; transform: translate(-50%, -50%) !important; user-select: none !important; cursor: auto !important; } .github-emoji-fallback { color: inherit; } .github-emoji-fallback img { opacity: 0 !important; }</style>
</head>



<body>

<main class="page-container" id="swup">

	
	<style>
    .home-article-item,
    .sidebar-links,
    .sidebar-content,
    a.page-number,
    a.extend,
    .sidebar-links .links:hover,
    .right-bottom-tools,
    footer.footer {
        background-color: var(--background-color-transparent-80) !important;
    }
    .right-bottom-tools:hover,
    a.page-number:hover,
    a.extend:hover {
        background-color: var(--primary-color) !important;
    }
    .site-info,
    .home-article-sticky-label {
        background-color: var(--background-color-transparent-15) !important;
    }
    .home-article-sticky-label {
        backdrop-filter: none !important;
    }
    .home-banner-background {
        filter: blur(15px);
    }
</style>

<div class="home-banner-background transition-fade fixed top-0 left-0 w-screen h-screen scale-125 sm:scale-110 box-border will-change-transform bg-cover">
    <img src="/images/wallhaven-jxl31y.png" alt="home-banner-background" class="w-full h-full object-cover dark:hidden">
    <img src="/images/wallhaven-o5762l.png" alt="home-banner-background" class="w-full h-full object-cover hidden dark:block">
</div>


	

	<div class="main-content-container flex flex-col justify-between min-h-dvh">

		<div class="main-content-body transition-fade-up">
			

			

			<div class="main-content">
				<div class="home-content-container">
    <ul class="home-article-list">
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/26/Cobalt-Strike-%E4%B8%89/">
                            Cobalt Strike(三)
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h2 id="Cobalt-Strike-DNS-Beacon的使用与原理"><a href="#Cobalt-Strike-DNS-Beacon的使用与原理" class="headerlink" title="Cobalt Strike DNS Beacon的使用与原理"></a>Cobalt Strike DNS Beacon的使用与原理</h2><p>这一节实验需要有一台公网vps和一个域名</p>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Wed May 26 2021 10:26:21 GMT+0800">
                
                    2021-05-26
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/%E6%B8%97%E9%80%8F/">渗透</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/Cobalt-Strike/">-Cobalt Strike</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/26/Cobalt-Strike-%E4%B8%89/">阅读全文<span class="seo-reader-text">Cobalt Strike(三)</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/25/Cobalt-Strike-%E4%BA%8C/">
                            Cobalt Strike(二)
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h2 id="Cobalt-Strike重定器"><a href="#Cobalt-Strike重定器" class="headerlink" title="Cobalt Strike重定向器"></a>Cobalt Strike重定向器</h2><p>域名：kali123.com</p>
<p>dns服务器 ：192.168.3.40</p>
<p>csserver(kali)：192.168.3.8	k.kali.com</p>
<p>Ubuntu：192.168.3.42</p>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Tue May 25 2021 16:40:52 GMT+0800">
                
                    2021-05-25
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/%E6%B8%97%E9%80%8F/">渗透</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/Cobalt-Strike/">-Cobalt Strike</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/25/Cobalt-Strike-%E4%BA%8C/">阅读全文<span class="seo-reader-text">Cobalt Strike(二)</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/24/Cobalt-Strike%E4%BD%BF%E7%94%A8%EF%BC%88%E4%B8%80%EF%BC%89/">
                            Cobalt Strike使用（一）
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h2 id="基本使用"><a href="#基本使用" class="headerlink" title="基本使用"></a>基本使用</h2><h3 id="简介："><a href="#简介：" class="headerlink" title="简介："></a>简介：</h3><p>​	Cobalt Strike作为一款GUI的框架式渗透工具，集成了端口转发、服务扫描、自动化溢出、多模式端口监听、exe\dll\java木马生成、office宏病毒生成、木马捆绑；钓鱼攻击包括：站点克隆、目标信息获取、java执行、浏览器自动攻击等等。</p>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Mon May 24 2021 17:55:48 GMT+0800">
                
                    2021-05-24
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/%E6%B8%97%E9%80%8F/">渗透</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/Cobalt-Strike/">-Cobalt Strike</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/24/Cobalt-Strike%E4%BD%BF%E7%94%A8%EF%BC%88%E4%B8%80%EF%BC%89/">阅读全文<span class="seo-reader-text">Cobalt Strike使用（一）</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/24/ARM%E6%B1%87%E7%BC%96%E7%AC%94%E8%AE%B0/">
                            ARM汇编笔记
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h2 id="ARM汇编的一些知识"><a href="#ARM汇编的一些知识" class="headerlink" title="ARM汇编的一些知识"></a>ARM汇编的一些知识</h2><h3 id="寄存器数量"><a href="#寄存器数量" class="headerlink" title="寄存器数量"></a>寄存器数量</h3><p>ARM处理器一共有37个32位寄存器。<br>30个为“通用”寄存器： r0-r14<br>未分组：r0-r7，即只有一个寄存器<br>分组：r8-r14，即有多个同名寄存器<br>r8-r12 ：两个<br>r13-r14：6个 r13(sp),r14(lr)<br>1个固定的程序计数器 ： pc (又称r15)<br>6个为状态寄存器 ： cpsr spsr<br>不能被同时访问,一种模式下最多同时访问18个寄存器</p>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Mon May 24 2021 16:20:34 GMT+0800">
                
                    2021-05-24
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/ARM%E6%B1%87%E7%BC%96/">ARM汇编</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
    </div>

    <a href="/2021/05/24/ARM%E6%B1%87%E7%BC%96%E7%AC%94%E8%AE%B0/">阅读全文<span class="seo-reader-text">ARM汇编笔记</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/24/Ocean-Lotus%E6%A0%B7%E6%9C%AC%E5%88%86%E6%9E%90/">
                            Ocean Lotus样本分析
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h2 id="0x00样本简介"><a href="#0x00样本简介" class="headerlink" title="0x00样本简介"></a>0x00样本简介</h2><p>该样本是2018年5月份国内某安全厂商威胁情报系统捕获的一起针对中国及其他东亚地区国家政府、科研单位领域的攻击样本，该APT组织确认为APT-32（海莲花OceanLotus）。<br>此次攻击载体选用的是.doc后缀的rtf文件，该rtf文件通过利用漏洞CVE-2017-11882释放恶意文件到本地并加载执行。其释放文件利用了白加黑的组合加载手法逃避杀软的查杀，在运行过程中并无我们常见的多级注入行为，也并没有文件落地，具有较强的隐蔽性。原始样本信息如表1所示。</p>
<table>
<thead>
<tr>
<th>文件名称</th>
<th>Document_GPI Invitation-UNSOOC China.doc</th>
</tr>
</thead>
<tbody><tr>
<td>Md5</td>
<td>02ae075da4fb2a6d38ce06f8f40e397e</td>
</tr>
<tr>
<td>文件类型</td>
<td>Rtf</td>
</tr>
</tbody></table>
<center>表1</center>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Mon May 24 2021 15:51:57 GMT+0800">
                
                    2021-05-24
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/%E6%A0%B7%E6%9C%AC%E5%88%86%E6%9E%90/">样本分析</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/windows%E6%9C%A8%E9%A9%AC/">windows木马</a>&nbsp;
                        </li>
                    
                        <li>
                            | 
                            <a href="/tags/OceanLotus/">OceanLotus</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/24/Ocean-Lotus%E6%A0%B7%E6%9C%AC%E5%88%86%E6%9E%90/">阅读全文<span class="seo-reader-text">Ocean Lotus样本分析</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/24/%E4%B8%80%E6%9E%9A%E7%AE%80%E5%8D%95%E7%9A%84%E6%9C%AA%E7%9F%A5%E5%A3%B3/">
                            一枚简单的未知壳
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h3 id="工具-amp-环境"><a href="#工具-amp-环境" class="headerlink" title="工具&amp;环境:"></a>工具&amp;环境:</h3><table>
<thead>
<tr>
<th align="left">工具</th>
<th>系统环境</th>
</tr>
</thead>
<tbody><tr>
<td align="left">PEID</td>
<td>win7_x86</td>
</tr>
<tr>
<td align="left">OD</td>
<td></td>
</tr>
<tr>
<td align="left">IDA</td>
<td></td>
</tr>
<tr>
<td align="left">ImportREC</td>
<td></td>
</tr>
</tbody></table>
<h3 id="查壳"><a href="#查壳" class="headerlink" title="查壳"></a>查壳</h3><p>先用PEID扫了一下发现什么都没有扫到<br> <img lazyload="" src="/images/loading.svg" data-src="/2021/05/24/%E4%B8%80%E6%9E%9A%E7%AE%80%E5%8D%95%E7%9A%84%E6%9C%AA%E7%9F%A5%E5%A3%B3/623a1200-5054-432b-9613-8ceb28562e82.jpg" class="" title="img"></p>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Mon May 24 2021 15:29:04 GMT+0800">
                
                    2021-05-24
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/Win%E9%80%86%E5%90%91/">Win逆向</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/Windows%E8%84%B1%E5%A3%B3/">Windows脱壳</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/24/%E4%B8%80%E6%9E%9A%E7%AE%80%E5%8D%95%E7%9A%84%E6%9C%AA%E7%9F%A5%E5%A3%B3/">阅读全文<span class="seo-reader-text">一枚简单的未知壳</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/21/HW%E6%A0%B7%E6%9C%AC%E5%88%86%E6%9E%90/">
                            HW样本分析
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h3 id="0x00-样本信息"><a href="#0x00-样本信息" class="headerlink" title="0x00 样本信息"></a>0x00 样本信息</h3><p>​	HW期间拿到的一个样本，用了lnk的启动方式。运行后会启动隐藏属性的exe和dll文件，进行后续的内存解密操作后用域前置的方法执行外联操作。</p>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Fri May 21 2021 18:32:26 GMT+0800">
                
                    2021-05-21
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/%E6%A0%B7%E6%9C%AC%E5%88%86%E6%9E%90/">样本分析</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/windows%E6%9C%A8%E9%A9%AC/">windows木马</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/21/HW%E6%A0%B7%E6%9C%AC%E5%88%86%E6%9E%90/">阅读全文<span class="seo-reader-text">HW样本分析</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/20/winDbg%E5%AE%89%E8%A3%85mona/">
                            winXP安装mona
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h3 id="Windows-XP，32位"><a href="#Windows-XP，32位" class="headerlink" title="Windows XP，32位"></a>Windows XP，32位</h3><ol>
<li><p>从 <a class="link" target="_blank" rel="noopener" href="https://github.com/corelan/windbglib/raw/master/pykd/pykd.zip">https://github.com/corelan/windbglib/raw/master/pykd/pykd.zip<i class="fa-solid fa-arrow-up-right ml-[0.2em] font-light align-text-top text-[0.7em] link-icon"></i></a> 下载pykd.zip</p>
</li>
<li><p>解压后获得2个文件：pykd.pyd和vcredist_x86.exe</p>
</li>
<li><p>使用管理员权限运行vcredist_x86.exe并接受默认值。</p>
</li>
<li><p>将pykd.pyd复制到 <code>C:\Program Files\Debugging Tools for Windows (x86)\winext</code></p>
</li>
<li><p>打开具有管理员权限的命令提示符，然后运行以下命令：</p>
<pre><code>c:
cd "C:\Program Files\Common Files\Microsoft Shared\VC"
regsvr32 msdia90.dll
(You should get a messagebox indicating that the dll was registered successfully)
</code></pre>
</li>
<li><p>从 <a class="link" target="_blank" rel="noopener" href="https://github.com/corelan/windbglib/raw/master/windbglib.py">https://github.com/corelan/windbglib/raw/master/windbglib.py<i class="fa-solid fa-arrow-up-right ml-[0.2em] font-light align-text-top text-[0.7em] link-icon"></i></a> 下载windbglib.py</p>
</li>
<li><p>将文件保存到<code>C:\Program Files\Debugging Tools for Windows (x86)</code>目录下（如果需要，先“取消阻止”该文件）</p>
</li>
<li><p>从 <a class="link" target="_blank" rel="noopener" href="https://github.com/corelan/mona/raw/master/mona.py">https://github.com/corelan/mona/raw/master/mona.py<i class="fa-solid fa-arrow-up-right ml-[0.2em] font-light align-text-top text-[0.7em] link-icon"></i></a> 下载mona.py</p>
</li>
<li><p>将文件保存到<code>C:\Program Files\Debugging Tools for Windows (x86)</code>目录下（如果需要，先“取消阻止”该文件）</p>
</li>
</ol>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Thu May 20 2021 11:05:14 GMT+0800">
                
                    2021-05-20
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/%E5%B7%A5%E5%85%B7/">工具</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/winDbg%E6%8F%92%E4%BB%B6/">winDbg插件</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/20/winDbg%E5%AE%89%E8%A3%85mona/">阅读全文<span class="seo-reader-text">winXP安装mona</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/20/go%E7%8E%AF%E5%A2%83%E5%8F%98%E9%87%8F%E8%AE%BE%E7%BD%AE/">
                            go环境变量设置
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h3 id="question："><a href="#question：" class="headerlink" title="question："></a>question：</h3><ul>
<li>linux下设置go环境变量之后，打开新的终端或者重启后环境变量会失效，需要重新执行<code>source /etc/profile</code>才能生效</li>
</ul>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Thu May 20 2021 10:56:10 GMT+0800">
                
                    2021-05-20
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/%E5%B7%A5%E5%85%B7/">工具</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/%E7%8E%AF%E5%A2%83%E9%85%8D%E7%BD%AE/">环境配置</a>&nbsp;
                        </li>
                    
                        <li>
                            | 
                            <a href="/tags/golang/">golang</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/20/go%E7%8E%AF%E5%A2%83%E5%8F%98%E9%87%8F%E8%AE%BE%E7%BD%AE/">阅读全文<span class="seo-reader-text">go环境变量设置</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/20/exploit%E7%BC%96%E5%86%99%E7%B3%BB%E5%88%972%EF%BC%9A%E6%A0%88%E6%BA%A2%E5%87%BA%EF%BC%8C%E8%B7%B3%E8%BD%AC%E8%87%B3shellcode/">
                            exploit编写系列2：栈溢出，跳转至shellcode
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h1 id="exploit编写系列2：栈溢出，跳转至shellcode"><a href="#exploit编写系列2：栈溢出，跳转至shellcode" class="headerlink" title="exploit编写系列2：栈溢出，跳转至shellcode"></a>exploit编写系列2：栈溢出，跳转至shellcode</h1><p>这篇blog是为了学习如何用各种方式去构造栈溢出类型漏洞的exp</p>
<p>执行shellcode的多种方法：</p>
<ol>
<li>jump/call	寄存器</li>
<li>pop return</li>
<li>push return</li>
<li>jmp[reg + offset]</li>
<li>blind return</li>
<li>jmp code</li>
<li>SEH</li>
<li>call</li>
</ol>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Thu May 20 2021 10:27:25 GMT+0800">
                
                    2021-05-20
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/Win%E9%80%86%E5%90%91/">Win逆向</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/exploit%E7%BC%96%E5%86%99/">exploit编写</a>&nbsp;
                        </li>
                    
                        <li>
                            | 
                            <a href="/tags/%E6%BA%A2%E5%87%BA%E7%B1%BB%E5%9E%8B%E6%BC%8F%E6%B4%9E/">溢出类型漏洞</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/20/exploit%E7%BC%96%E5%86%99%E7%B3%BB%E5%88%972%EF%BC%9A%E6%A0%88%E6%BA%A2%E5%87%BA%EF%BC%8C%E8%B7%B3%E8%BD%AC%E8%87%B3shellcode/">阅读全文<span class="seo-reader-text">exploit编写系列2：栈溢出，跳转至shellcode</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/20/exploit%E7%BC%96%E5%86%99%E7%B3%BB%E5%88%971-Easy-RM-to-MP3-%E6%BC%8F%E6%B4%9E%E8%B0%83%E8%AF%95/">
                            exploit编写系列1:Easy RM to MP3 漏洞调试
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h1 id="Easy-RM-to-MP3-漏洞调试"><a href="#Easy-RM-to-MP3-漏洞调试" class="headerlink" title="Easy RM to MP3 漏洞调试"></a>Easy RM to MP3 漏洞调试</h1><h3 id="0X00前言"><a href="#0X00前言" class="headerlink" title="0X00	前言"></a>0X00	前言</h3><p>分析这个漏洞主要是为了学习怎么通过调试并编写溢出类型漏洞的EXP</p>
<h3 id="0X01分析环境"><a href="#0X01分析环境" class="headerlink" title="0X01	分析环境"></a>0X01	分析环境</h3><table>
<thead>
<tr>
<th>调试环境</th>
<th>版本</th>
</tr>
</thead>
<tbody><tr>
<td>系统版本</td>
<td>XP_sp3</td>
</tr>
<tr>
<td>Easy RM to MP3</td>
<td>2.7.3.700</td>
</tr>
<tr>
<td>windbg</td>
<td>6.12</td>
</tr>
</tbody></table>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Thu May 20 2021 10:22:12 GMT+0800">
                
                    2021-05-20
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/Win%E9%80%86%E5%90%91/">Win逆向</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/exploit%E7%BC%96%E5%86%99/">exploit编写</a>&nbsp;
                        </li>
                    
                        <li>
                            | 
                            <a href="/tags/%E6%BA%A2%E5%87%BA%E7%B1%BB%E5%9E%8B%E6%BC%8F%E6%B4%9E/">溢出类型漏洞</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/20/exploit%E7%BC%96%E5%86%99%E7%B3%BB%E5%88%971-Easy-RM-to-MP3-%E6%BC%8F%E6%B4%9E%E8%B0%83%E8%AF%95/">阅读全文<span class="seo-reader-text">exploit编写系列1:Easy RM to MP3 漏洞调试</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
            <li class="home-article-item">

                

                

                
                <div class="flex flex-col gap-5 px-7 pb-7 pt-7">
                    <h3 class="home-article-title">
                        <a href="/2021/05/20/CVE-2009-0927-PDF%E4%B8%AD%E7%9A%84JS/">
                            CVE-2009-0927:PDF中的JS
                        </a>
                    </h3>

                    <div class="home-article-content markdown-body">
                        
                            <h2 id="0x00：分析环境"><a href="#0x00：分析环境" class="headerlink" title="0x00：分析环境"></a>0x00：分析环境</h2><table>
<thead>
<tr>
<th></th>
<th>使用的环境</th>
<th>备注</th>
</tr>
</thead>
<tbody><tr>
<td>操作系统</td>
<td>Windows XP SP3</td>
<td>Vmware 16</td>
</tr>
<tr>
<td>Adobe Reader版本</td>
<td>9.0中文版</td>
<td></td>
</tr>
<tr>
<td>动态调试</td>
<td>OllyDbg v2.01</td>
<td>使用的是原版OD，其它版本的OD可能会断不下来</td>
</tr>
<tr>
<td>静态调试</td>
<td>IDA7.0</td>
<td></td>
</tr>
</tbody></table>
                        
                    </div>

                    <div class="home-article-meta-info-container">
    <div class="home-article-meta-info">
        <span><i class="fa-solid fa-calendars"></i>&nbsp;
            <span class="home-article-date" data-date="Thu May 20 2021 09:37:02 GMT+0800">
                
                    2021-05-20
                
            </span>
        </span>
        
            <span class="home-article-category">
                <i class="fa-solid fa-folders"></i>&nbsp;
            <ul>
                
                
                    
                        
                        <li>
                            <a href="/categories/Win%E9%80%86%E5%90%91/">Win逆向</a>&nbsp;
                        </li>
                    
                    
                
            </ul>
        </span>
        
        
            <span class="home-article-tag">
                <i class="fa-solid fa-tags"></i>&nbsp;
                <ul>
                    
                        <li>
                            
                            <a href="/tags/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/">漏洞分析</a>&nbsp;
                        </li>
                    
                        <li>
                            | 
                            <a href="/tags/PDF%E6%BC%8F%E6%B4%9E/">PDF漏洞</a>&nbsp;
                        </li>
                    
                </ul>
            </span>
        
    </div>

    <a href="/2021/05/20/CVE-2009-0927-PDF%E4%B8%AD%E7%9A%84JS/">阅读全文<span class="seo-reader-text">CVE-2009-0927:PDF中的JS</span>&nbsp;<i class="fa-solid fa-angle-right"></i></a>
</div>

                </div>
            </li>
        
    </ul>

</div>

			</div>

			
		</div>

	</div>

	

	

</main>








	
</body>

</html>